2 * Copyright (c) 2001-2006, Cisco Systems, Inc. All rights reserved.
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are met:
7 * a) Redistributions of source code must retain the above copyright notice,
8 * this list of conditions and the following disclaimer.
10 * b) Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in
12 * the documentation and/or other materials provided with the distribution.
14 * c) Neither the name of Cisco Systems, Inc. nor the names of its
15 * contributors may be used to endorse or promote products derived
16 * from this software without specific prior written permission.
18 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
20 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
22 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
23 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
26 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
27 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
28 * THE POSSIBILITY OF SUCH DAMAGE.
31 /* $KAME: sctp_output.c,v 1.46 2005/03/06 16:04:17 itojun Exp $ */
33 #include <sys/cdefs.h>
34 __FBSDID("$FreeBSD$");
36 #include "opt_ipsec.h"
37 #include "opt_compat.h"
38 #include "opt_inet6.h"
41 #include <sys/param.h>
42 #include <sys/systm.h>
43 #include <sys/malloc.h>
45 #include <sys/domain.h>
46 #include <sys/protosw.h>
47 #include <sys/socket.h>
48 #include <sys/socketvar.h>
50 #include <sys/kernel.h>
51 #include <sys/sysctl.h>
52 #include <sys/resourcevar.h>
55 #include <sys/domain.h>
58 #include <sys/limits.h>
59 #include <machine/cpu.h>
62 #include <net/if_types.h>
64 #include <net/if_var.h>
66 #include <net/route.h>
68 #include <netinet/in.h>
69 #include <netinet/in_systm.h>
70 #include <netinet/ip.h>
71 #include <netinet/in_pcb.h>
72 #include <netinet/in_var.h>
73 #include <netinet/ip_var.h>
76 #include <netinet/ip6.h>
77 #include <netinet6/ip6_var.h>
78 #include <netinet6/scope6_var.h>
79 #include <netinet6/nd6.h>
81 #include <netinet6/in6_pcb.h>
83 #include <netinet/icmp6.h>
95 #include <netinet6/ipsec.h>
96 #include <netkey/key.h>
99 #include <netinet/sctp_os.h>
100 #include <netinet/sctp_var.h>
101 #include <netinet/sctp_pcb.h>
102 #include <netinet/sctp_header.h>
103 #include <netinet/sctputil.h>
104 #include <netinet/sctp_output.h>
105 #include <netinet/sctp_bsd_addr.h>
106 #include <netinet/sctp_uio.h>
107 #include <netinet/sctputil.h>
108 #include <netinet/sctp_timer.h>
109 #include <netinet/sctp_asconf.h>
110 #include <netinet/sctp_indata.h>
113 * This module needs to be rewritten with an eye towards getting
114 * rid of the user of ifa.. and use another list method George
119 extern uint32_t sctp_debug_on;
123 static struct sockaddr_in *
124 sctp_is_v4_ifa_addr_prefered(struct ifaddr *ifa, uint8_t loopscope, uint8_t ipv4_scope, uint8_t * sin_loop, uint8_t * sin_local)
126 struct sockaddr_in *sin;
129 * Here we determine if its a prefered address. A prefered address
130 * means it is the same scope or higher scope then the destination.
131 * L = loopback, P = private, G = global
132 * ----------------------------------------- src | dest |
133 * result ----------------------------------------- L | L |
134 * yes ----------------------------------------- P | L | yes
135 * ----------------------------------------- G | L | yes
136 * ----------------------------------------- L | P | no
137 * ----------------------------------------- P | P | yes
138 * ----------------------------------------- G | P | no
139 * ----------------------------------------- L | G | no
140 * ----------------------------------------- P | G | no
141 * ----------------------------------------- G | G | yes
142 * -----------------------------------------
145 if (ifa->ifa_addr->sa_family != AF_INET) {
149 /* Ok the address may be ok */
150 sin = (struct sockaddr_in *)ifa->ifa_addr;
151 if (sin->sin_addr.s_addr == 0) {
154 *sin_local = *sin_loop = 0;
155 if ((ifa->ifa_ifp->if_type == IFT_LOOP) ||
156 (IN4_ISLOOPBACK_ADDRESS(&sin->sin_addr))) {
160 if ((IN4_ISPRIVATE_ADDRESS(&sin->sin_addr))) {
163 if (!loopscope && *sin_loop) {
164 /* Its a loopback address and we don't have loop scope */
167 if (!ipv4_scope && *sin_local) {
169 * Its a private address, and we don't have private address
174 if (((ipv4_scope == 0) && (loopscope == 0)) && (*sin_local)) {
175 /* its a global src and a private dest */
178 /* its a prefered address */
182 static struct sockaddr_in *
183 sctp_is_v4_ifa_addr_acceptable(struct ifaddr *ifa, uint8_t loopscope, uint8_t ipv4_scope, uint8_t * sin_loop, uint8_t * sin_local)
185 struct sockaddr_in *sin;
188 * Here we determine if its a acceptable address. A acceptable
189 * address means it is the same scope or higher scope but we can
190 * allow for NAT which means its ok to have a global dest and a
193 * L = loopback, P = private, G = global
194 * ----------------------------------------- src | dest |
195 * result ----------------------------------------- L | L |
196 * yes ----------------------------------------- P | L | yes
197 * ----------------------------------------- G | L | yes
198 * ----------------------------------------- L | P | no
199 * ----------------------------------------- P | P | yes
200 * ----------------------------------------- G | P | yes -
201 * probably this won't work.
202 * ----------------------------------------- L | G |
203 * no ----------------------------------------- P | G |
204 * yes ----------------------------------------- G | G |
205 * yes -----------------------------------------
208 if (ifa->ifa_addr->sa_family != AF_INET) {
212 /* Ok the address may be ok */
213 sin = (struct sockaddr_in *)ifa->ifa_addr;
214 if (sin->sin_addr.s_addr == 0) {
217 *sin_local = *sin_loop = 0;
218 if ((ifa->ifa_ifp->if_type == IFT_LOOP) ||
219 (IN4_ISLOOPBACK_ADDRESS(&sin->sin_addr))) {
223 if ((IN4_ISPRIVATE_ADDRESS(&sin->sin_addr))) {
226 if (!loopscope && *sin_loop) {
227 /* Its a loopback address and we don't have loop scope */
230 /* its an acceptable address */
235 * This treats the address list on the ep as a restricted list (negative
236 * list). If a the passed address is listed, then the address is NOT allowed
237 * on the association.
240 sctp_is_addr_restricted(struct sctp_tcb *stcb, struct sockaddr *addr)
242 struct sctp_laddr *laddr;
249 /* There are no restrictions, no TCB :-) */
253 LIST_FOREACH(laddr, &stcb->asoc.sctp_local_addr_list, sctp_nxt_addr) {
256 if (sctp_debug_on & SCTP_DEBUG_OUTPUT4) {
257 printf("There are %d addresses on the restricted list\n", cnt);
261 LIST_FOREACH(laddr, &stcb->asoc.sctp_local_addr_list, sctp_nxt_addr) {
262 if (laddr->ifa == NULL) {
264 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
265 printf("Help I have fallen and I can't get up!\n");
271 if (sctp_debug_on & SCTP_DEBUG_OUTPUT4) {
273 printf("Restricted address[%d]:", cnt);
274 sctp_print_address(laddr->ifa->ifa_addr);
277 if (sctp_cmpaddr(addr, laddr->ifa->ifa_addr) == 1) {
278 /* Yes it is on the list */
286 sctp_is_addr_in_ep(struct sctp_inpcb *inp, struct ifaddr *ifa)
288 struct sctp_laddr *laddr;
292 LIST_FOREACH(laddr, &inp->sctp_addr_list, sctp_nxt_addr) {
293 if (laddr->ifa == NULL) {
295 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
296 printf("Help I have fallen and I can't get up!\n");
301 if (laddr->ifa->ifa_addr == NULL)
303 if (laddr->ifa == ifa)
306 if (laddr->ifa->ifa_addr->sa_family != ifa->ifa_addr->sa_family) {
307 /* skip non compatible address comparison */
310 if (sctp_cmpaddr(ifa->ifa_addr, laddr->ifa->ifa_addr) == 1) {
311 /* Yes it is restricted */
320 static struct in_addr
321 sctp_choose_v4_boundspecific_inp(struct sctp_inpcb *inp,
327 struct sctp_laddr *laddr;
328 struct sockaddr_in *sin;
331 uint8_t sin_loop, sin_local;
335 * first question, is the ifn we will emit on in our list, if so, we
341 /* is a prefered one on the interface we route out? */
342 TAILQ_FOREACH(ifa, &ifn->if_addrlist, ifa_list) {
343 sin = sctp_is_v4_ifa_addr_prefered(ifa, loopscope, ipv4_scope, &sin_loop, &sin_local);
346 if (sctp_is_addr_in_ep(inp, ifa)) {
347 return (sin->sin_addr);
350 /* is an acceptable one on the interface we route out? */
351 TAILQ_FOREACH(ifa, &ifn->if_addrlist, ifa_list) {
352 sin = sctp_is_v4_ifa_addr_acceptable(ifa, loopscope, ipv4_scope, &sin_loop, &sin_local);
355 if (sctp_is_addr_in_ep(inp, ifa)) {
356 return (sin->sin_addr);
360 /* ok, what about a prefered address in the inp */
361 for (laddr = LIST_FIRST(&inp->sctp_addr_list);
362 laddr && (laddr != inp->next_addr_touse);
363 laddr = LIST_NEXT(laddr, sctp_nxt_addr)) {
364 if (laddr->ifa == NULL) {
365 /* address has been removed */
368 sin = sctp_is_v4_ifa_addr_prefered(laddr->ifa, loopscope, ipv4_scope, &sin_loop, &sin_local);
371 return (sin->sin_addr);
374 /* ok, what about an acceptable address in the inp */
375 for (laddr = LIST_FIRST(&inp->sctp_addr_list);
376 laddr && (laddr != inp->next_addr_touse);
377 laddr = LIST_NEXT(laddr, sctp_nxt_addr)) {
378 if (laddr->ifa == NULL) {
379 /* address has been removed */
382 sin = sctp_is_v4_ifa_addr_acceptable(laddr->ifa, loopscope, ipv4_scope, &sin_loop, &sin_local);
385 return (sin->sin_addr);
390 * no address bound can be a source for the destination we are in
394 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
395 printf("Src address selection for EP, no acceptable src address found for address\n");
400 memset(&ans, 0, sizeof(ans));
406 static struct in_addr
407 sctp_choose_v4_boundspecific_stcb(struct sctp_inpcb *inp,
408 struct sctp_tcb *stcb,
409 struct sctp_nets *net,
413 int non_asoc_addr_ok)
416 * Here we have two cases, bound all asconf allowed. bound all
417 * asconf not allowed.
420 struct sctp_laddr *laddr, *starting_point;
424 uint8_t sin_loop, sin_local, start_at_beginning = 0;
425 struct sockaddr_in *sin;
429 * first question, is the ifn we will emit on in our list, if so, we
435 if (sctp_is_feature_on(inp, SCTP_PCB_FLAGS_DO_ASCONF)) {
437 * Here we use the list of addresses on the endpoint. Then
438 * the addresses listed on the "restricted" list is just
439 * that, address that have not been added and can't be used
440 * (unless the non_asoc_addr_ok is set).
443 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
444 printf("Have a STCB - asconf allowed, not bound all have a netgative list\n");
448 * first question, is the ifn we will emit on in our list,
449 * if so, we want that one.
452 /* first try for an prefered address on the ep */
453 TAILQ_FOREACH(ifa, &ifn->if_addrlist, ifa_list) {
454 if (sctp_is_addr_in_ep(inp, ifa)) {
455 sin = sctp_is_v4_ifa_addr_prefered(ifa, loopscope, ipv4_scope, &sin_loop, &sin_local);
458 if ((non_asoc_addr_ok == 0) &&
459 (sctp_is_addr_restricted(stcb, (struct sockaddr *)sin))) {
460 /* on the no-no list */
463 return (sin->sin_addr);
466 /* next try for an acceptable address on the ep */
467 TAILQ_FOREACH(ifa, &ifn->if_addrlist, ifa_list) {
468 if (sctp_is_addr_in_ep(inp, ifa)) {
469 sin = sctp_is_v4_ifa_addr_acceptable(ifa, loopscope, ipv4_scope, &sin_loop, &sin_local);
472 if ((non_asoc_addr_ok == 0) &&
473 (sctp_is_addr_restricted(stcb, (struct sockaddr *)sin))) {
474 /* on the no-no list */
477 return (sin->sin_addr);
483 * if we can't find one like that then we must look at all
484 * addresses bound to pick one at first prefereable then
485 * secondly acceptable.
487 starting_point = stcb->asoc.last_used_address;
489 if (stcb->asoc.last_used_address == NULL) {
490 start_at_beginning = 1;
491 stcb->asoc.last_used_address = LIST_FIRST(&inp->sctp_addr_list);
493 /* search beginning with the last used address */
494 for (laddr = stcb->asoc.last_used_address; laddr;
495 laddr = LIST_NEXT(laddr, sctp_nxt_addr)) {
496 if (laddr->ifa == NULL) {
497 /* address has been removed */
500 sin = sctp_is_v4_ifa_addr_prefered(laddr->ifa, loopscope, ipv4_scope, &sin_loop, &sin_local);
503 if ((non_asoc_addr_ok == 0) &&
504 (sctp_is_addr_restricted(stcb, (struct sockaddr *)sin))) {
505 /* on the no-no list */
508 return (sin->sin_addr);
511 if (start_at_beginning == 0) {
512 stcb->asoc.last_used_address = NULL;
513 goto sctpv4_from_the_top;
515 /* now try for any higher scope than the destination */
516 stcb->asoc.last_used_address = starting_point;
517 start_at_beginning = 0;
518 sctpv4_from_the_top2:
519 if (stcb->asoc.last_used_address == NULL) {
520 start_at_beginning = 1;
521 stcb->asoc.last_used_address = LIST_FIRST(&inp->sctp_addr_list);
523 /* search beginning with the last used address */
524 for (laddr = stcb->asoc.last_used_address; laddr;
525 laddr = LIST_NEXT(laddr, sctp_nxt_addr)) {
526 if (laddr->ifa == NULL) {
527 /* address has been removed */
530 sin = sctp_is_v4_ifa_addr_acceptable(laddr->ifa, loopscope, ipv4_scope, &sin_loop, &sin_local);
533 if ((non_asoc_addr_ok == 0) &&
534 (sctp_is_addr_restricted(stcb, (struct sockaddr *)sin))) {
535 /* on the no-no list */
538 return (sin->sin_addr);
540 if (start_at_beginning == 0) {
541 stcb->asoc.last_used_address = NULL;
542 goto sctpv4_from_the_top2;
546 * Here we have an address list on the association, thats
547 * the only valid source addresses that we can use.
550 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
551 printf("Have a STCB - no asconf allowed, not bound all have a postive list\n");
555 * First look at all addresses for one that is on the
556 * interface we route out
558 LIST_FOREACH(laddr, &stcb->asoc.sctp_local_addr_list,
560 if (laddr->ifa == NULL) {
561 /* address has been removed */
564 sin = sctp_is_v4_ifa_addr_prefered(laddr->ifa, loopscope, ipv4_scope, &sin_loop, &sin_local);
568 * first question, is laddr->ifa an address
569 * associated with the emit interface
572 TAILQ_FOREACH(ifa, &ifn->if_addrlist, ifa_list) {
573 if (laddr->ifa == ifa) {
574 sin = (struct sockaddr_in *)laddr->ifa->ifa_addr;
575 return (sin->sin_addr);
577 if (sctp_cmpaddr(ifa->ifa_addr, laddr->ifa->ifa_addr) == 1) {
578 sin = (struct sockaddr_in *)laddr->ifa->ifa_addr;
579 return (sin->sin_addr);
584 /* what about an acceptable one on the interface? */
585 LIST_FOREACH(laddr, &stcb->asoc.sctp_local_addr_list,
587 if (laddr->ifa == NULL) {
588 /* address has been removed */
591 sin = sctp_is_v4_ifa_addr_acceptable(laddr->ifa, loopscope, ipv4_scope, &sin_loop, &sin_local);
595 * first question, is laddr->ifa an address
596 * associated with the emit interface
599 TAILQ_FOREACH(ifa, &ifn->if_addrlist, ifa_list) {
600 if (laddr->ifa == ifa) {
601 sin = (struct sockaddr_in *)laddr->ifa->ifa_addr;
602 return (sin->sin_addr);
604 if (sctp_cmpaddr(ifa->ifa_addr, laddr->ifa->ifa_addr) == 1) {
605 sin = (struct sockaddr_in *)laddr->ifa->ifa_addr;
606 return (sin->sin_addr);
611 /* ok, next one that is preferable in general */
612 LIST_FOREACH(laddr, &stcb->asoc.sctp_local_addr_list,
614 if (laddr->ifa == NULL) {
615 /* address has been removed */
618 sin = sctp_is_v4_ifa_addr_prefered(laddr->ifa, loopscope, ipv4_scope, &sin_loop, &sin_local);
621 return (sin->sin_addr);
624 /* last, what about one that is acceptable */
625 LIST_FOREACH(laddr, &stcb->asoc.sctp_local_addr_list,
627 if (laddr->ifa == NULL) {
628 /* address has been removed */
631 sin = sctp_is_v4_ifa_addr_acceptable(laddr->ifa, loopscope, ipv4_scope, &sin_loop, &sin_local);
634 return (sin->sin_addr);
639 memset(&ans, 0, sizeof(ans));
643 static struct sockaddr_in *
644 sctp_select_v4_nth_prefered_addr_from_ifn_boundall(struct ifnet *ifn, struct sctp_tcb *stcb, int non_asoc_addr_ok,
645 uint8_t loopscope, uint8_t ipv4_scope, int cur_addr_num)
648 struct sockaddr_in *sin;
649 uint8_t sin_loop, sin_local;
650 int num_eligible_addr = 0;
652 TAILQ_FOREACH(ifa, &ifn->if_addrlist, ifa_list) {
653 sin = sctp_is_v4_ifa_addr_prefered(ifa, loopscope, ipv4_scope, &sin_loop, &sin_local);
657 if ((non_asoc_addr_ok == 0) && sctp_is_addr_restricted(stcb, (struct sockaddr *)sin)) {
659 * It is restricted for some reason..
660 * probably not yet added.
665 if (cur_addr_num == num_eligible_addr) {
674 sctp_count_v4_num_prefered_boundall(struct ifnet *ifn, struct sctp_tcb *stcb, int non_asoc_addr_ok,
675 uint8_t loopscope, uint8_t ipv4_scope, uint8_t * sin_loop, uint8_t * sin_local)
678 struct sockaddr_in *sin;
679 int num_eligible_addr = 0;
681 TAILQ_FOREACH(ifa, &ifn->if_addrlist, ifa_list) {
682 sin = sctp_is_v4_ifa_addr_prefered(ifa, loopscope, ipv4_scope, sin_loop, sin_local);
686 if ((non_asoc_addr_ok == 0) && sctp_is_addr_restricted(stcb, (struct sockaddr *)sin)) {
688 * It is restricted for some reason..
689 * probably not yet added.
696 return (num_eligible_addr);
700 static struct in_addr
701 sctp_choose_v4_boundall(struct sctp_inpcb *inp,
702 struct sctp_tcb *stcb,
703 struct sctp_nets *net,
707 int non_asoc_addr_ok)
709 int cur_addr_num = 0, num_prefered = 0;
710 uint8_t sin_loop, sin_local;
712 struct sockaddr_in *sin;
718 * For v4 we can use (in boundall) any address in the association.
719 * If non_asoc_addr_ok is set we can use any address (at least in
720 * theory). So we look for prefered addresses first. If we find one,
721 * we use it. Otherwise we next try to get an address on the
722 * interface, which we should be able to do (unless non_asoc_addr_ok
723 * is false and we are routed out that way). In these cases where we
724 * can't use the address of the interface we go through all the
725 * ifn's looking for an address we can use and fill that in. Punting
726 * means we send back address 0, which will probably cause problems
727 * actually since then IP will fill in the address of the route ifn,
728 * which means we probably already rejected it.. i.e. here comes an
734 cur_addr_num = net->indx_of_eligible_next_to_use;
737 goto bound_all_v4_plan_c;
739 num_prefered = sctp_count_v4_num_prefered_boundall(ifn, stcb, non_asoc_addr_ok, loopscope, ipv4_scope, &sin_loop, &sin_local);
741 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
742 printf("Found %d prefered source addresses\n", num_prefered);
745 if (num_prefered == 0) {
747 * no eligible addresses, we must use some other interface
748 * address if we can find one.
750 goto bound_all_v4_plan_b;
753 * Ok we have num_eligible_addr set with how many we can use, this
754 * may vary from call to call due to addresses being deprecated
757 if (cur_addr_num >= num_prefered) {
761 * select the nth address from the list (where cur_addr_num is the
762 * nth) and 0 is the first one, 1 is the second one etc...
765 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
766 printf("cur_addr_num:%d\n", cur_addr_num);
769 sin = sctp_select_v4_nth_prefered_addr_from_ifn_boundall(ifn, stcb, non_asoc_addr_ok, loopscope,
770 ipv4_scope, cur_addr_num);
772 /* if sin is NULL something changed??, plan_a now */
774 return (sin->sin_addr);
777 * plan_b: Look at the interface that we emit on and see if we can
778 * find an acceptable address.
781 TAILQ_FOREACH(ifa, &ifn->if_addrlist, ifa_list) {
782 sin = sctp_is_v4_ifa_addr_acceptable(ifa, loopscope, ipv4_scope, &sin_loop, &sin_local);
786 if ((non_asoc_addr_ok == 0) && sctp_is_addr_restricted(stcb, (struct sockaddr *)sin)) {
788 * It is restricted for some reason..
789 * probably not yet added.
794 return (sin->sin_addr);
797 * plan_c: Look at all interfaces and find a prefered address. If we
798 * reache here we are in trouble I think.
801 for (ifn = TAILQ_FIRST(&ifnet);
802 ifn && (ifn != inp->next_ifn_touse);
803 ifn = TAILQ_NEXT(ifn, if_list)) {
804 if (loopscope == 0 && ifn->if_type == IFT_LOOP) {
805 /* wrong base scope */
808 if (ifn == rt->rt_ifp)
809 /* already looked at this guy */
811 num_prefered = sctp_count_v4_num_prefered_boundall(ifn, stcb, non_asoc_addr_ok,
812 loopscope, ipv4_scope, &sin_loop, &sin_local);
814 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
815 printf("Found ifn:%p %d prefered source addresses\n", ifn, num_prefered);
818 if (num_prefered == 0) {
820 * None on this interface.
825 * Ok we have num_eligible_addr set with how many we can
826 * use, this may vary from call to call due to addresses
827 * being deprecated etc..
829 if (cur_addr_num >= num_prefered) {
832 sin = sctp_select_v4_nth_prefered_addr_from_ifn_boundall(ifn, stcb, non_asoc_addr_ok, loopscope,
833 ipv4_scope, cur_addr_num);
836 return (sin->sin_addr);
841 * plan_d: We are in deep trouble. No prefered address on any
842 * interface. And the emit interface does not even have an
843 * acceptable address. Take anything we can get! If this does not
844 * work we are probably going to emit a packet that will illicit an
845 * ABORT, falling through.
848 for (ifn = TAILQ_FIRST(&ifnet);
849 ifn && (ifn != inp->next_ifn_touse);
850 ifn = TAILQ_NEXT(ifn, if_list)) {
851 if (loopscope == 0 && ifn->if_type == IFT_LOOP) {
852 /* wrong base scope */
855 if (ifn == rt->rt_ifp)
856 /* already looked at this guy */
859 TAILQ_FOREACH(ifa, &ifn->if_addrlist, ifa_list) {
860 sin = sctp_is_v4_ifa_addr_acceptable(ifa, loopscope, ipv4_scope, &sin_loop, &sin_local);
864 if ((non_asoc_addr_ok == 0) && sctp_is_addr_restricted(stcb, (struct sockaddr *)sin)) {
866 * It is restricted for some
867 * reason.. probably not yet added.
872 return (sin->sin_addr);
876 * Ok we can find NO address to source from that is not on our
877 * negative list. It is either the special ASCONF case where we are
878 * sourceing from a intf that has been ifconfig'd to a different
879 * address (i.e. it holds a ADD/DEL/SET-PRIM and the proper lookup
880 * address. OR we are hosed, and this baby is going to abort the
883 if (non_asoc_addr_ok) {
884 return (((struct sockaddr_in *)(rt->rt_ifa->ifa_addr))->sin_addr);
888 memset(&ans, 0, sizeof(ans));
895 /* tcb may be NULL */
897 sctp_ipv4_source_address_selection(struct sctp_inpcb *inp,
898 struct sctp_tcb *stcb, struct route *ro, struct sctp_nets *net,
899 int non_asoc_addr_ok)
902 struct sockaddr_in *to = (struct sockaddr_in *)&ro->ro_dst;
903 uint8_t ipv4_scope, loopscope;
906 * Rules: - Find the route if needed, cache if I can. - Look at
907 * interface address in route, Is it in the bound list. If so we
908 * have the best source. - If not we must rotate amongst the
913 * Do we need to pay attention to scope. We can have a private address
914 * or a global address we are sourcing or sending to. So if we draw
915 * it out source * dest * result
916 * ------------------------------------------ a Private *
917 * Global * NAT? ------------------------------------------ b
918 * Private * Private * No problem
919 * ------------------------------------------ c Global *
920 * Private * Huh, How will this work?
921 * ------------------------------------------ d Global *
922 * Global * No Problem ------------------------------------------
924 * And then we add to that what happens if there are multiple addresses
925 * assigned to an interface. Remember the ifa on a ifn is a linked
926 * list of addresses. So one interface can have more than one IPv4
927 * address. What happens if we have both a private and a global
928 * address? Do we then use context of destination to sort out which
929 * one is best? And what about NAT's sending P->G may get you a NAT
930 * translation, or should you select the G thats on the interface in
935 * - count the number of addresses on the interface. - if its one, no
936 * problem except case <c>. For <a> we will assume a NAT out there.
937 * - if there are more than one, then we need to worry about scope P
938 * or G. We should prefer G -> G and P -> P if possible. Then as a
939 * secondary fall back to mixed types G->P being a last ditch one. -
940 * The above all works for bound all, but bound specific we need to
941 * use the same concept but instead only consider the bound
942 * addresses. If the bound set is NOT assigned to the interface then
943 * we must use rotation amongst them.
945 * Notes: For v4, we can always punt and let ip_output decide by
946 * sending back a source of 0.0.0.0
949 if (ro->ro_rt == NULL) {
951 * Need a route to cache.
954 rtalloc_ign(ro, 0UL);
956 if (ro->ro_rt == NULL) {
957 /* No route to host .. punt */
958 memset(&ans, 0, sizeof(ans));
961 /* Setup our scopes */
963 ipv4_scope = stcb->asoc.ipv4_local_scope;
964 loopscope = stcb->asoc.loopback_scope;
966 /* Scope based on outbound address */
967 if ((IN4_ISPRIVATE_ADDRESS(&to->sin_addr))) {
970 } else if (IN4_ISLOOPBACK_ADDRESS(&to->sin_addr)) {
978 if (inp->sctp_flags & SCTP_PCB_FLAGS_BOUNDALL) {
980 * When bound to all if the address list is set it is a
981 * negative list. Addresses being added by asconf.
983 return (sctp_choose_v4_boundall(inp, stcb, net, ro,
984 ipv4_scope, loopscope, non_asoc_addr_ok));
987 * Three possiblities here:
989 * a) stcb is NULL, which means we operate only from the list of
990 * addresses (ifa's) bound to the assoc and we care not about the
991 * list. b) stcb is NOT-NULL, which means we have an assoc structure
992 * and auto-asconf is on. This means that the list of addresses is a
993 * NOT list. We use the list from the inp, but any listed address in
994 * our list is NOT yet added. However if the non_asoc_addr_ok is set
995 * we CAN use an address NOT available (i.e. being added). Its a
996 * negative list. c) stcb is NOT-NULL, which means we have an assoc
997 * structure and auto-asconf is off. This means that the list of
998 * addresses is the ONLY addresses I can use.. its positive.
1000 * Note we collapse b & c into the same function just like in the v6
1001 * address selection.
1004 return (sctp_choose_v4_boundspecific_stcb(inp, stcb, net,
1005 ro, ipv4_scope, loopscope, non_asoc_addr_ok));
1007 return (sctp_choose_v4_boundspecific_inp(inp, ro,
1008 ipv4_scope, loopscope));
1010 /* this should not be reached */
1011 memset(&ans, 0, sizeof(ans));
1017 static struct sockaddr_in6 *
1018 sctp_is_v6_ifa_addr_acceptable(struct ifaddr *ifa, int loopscope, int loc_scope, int *sin_loop, int *sin_local)
1020 struct in6_ifaddr *ifa6;
1021 struct sockaddr_in6 *sin6;
1024 if (ifa->ifa_addr->sa_family != AF_INET6) {
1028 ifa6 = (struct in6_ifaddr *)ifa;
1029 /* ok to use deprecated addresses? */
1030 if (!ip6_use_deprecated) {
1031 if (IFA6_IS_DEPRECATED(ifa6)) {
1032 /* can't use this type */
1036 /* are we ok, with the current state of this address? */
1037 if (ifa6->ia6_flags &
1038 (IN6_IFF_DETACHED | IN6_IFF_NOTREADY | IN6_IFF_ANYCAST)) {
1039 /* Can't use these types */
1042 /* Ok the address may be ok */
1043 sin6 = (struct sockaddr_in6 *)ifa->ifa_addr;
1044 *sin_local = *sin_loop = 0;
1045 if ((ifa->ifa_ifp->if_type == IFT_LOOP) ||
1046 (IN6_IS_ADDR_LOOPBACK(&sin6->sin6_addr))) {
1049 if (!loopscope && *sin_loop) {
1050 /* Its a loopback address and we don't have loop scope */
1053 if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) {
1054 /* we skip unspecifed addresses */
1057 if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr)) {
1060 if (!loc_scope && *sin_local) {
1062 * Its a link local address, and we don't have link local
1071 static struct sockaddr_in6 *
1072 sctp_choose_v6_boundspecific_stcb(struct sctp_inpcb *inp,
1073 struct sctp_tcb *stcb,
1074 struct sctp_nets *net,
1078 int non_asoc_addr_ok)
1081 * Each endpoint has a list of local addresses associated with it.
1082 * The address list is either a "negative list" i.e. those addresses
1083 * that are NOT allowed to be used as a source OR a "postive list"
1084 * i.e. those addresses that CAN be used.
1086 * Its a negative list if asconf is allowed. What we do in this case is
1087 * use the ep address list BUT we have to cross check it against the
1090 * In the case where NO asconf is allowed, we have just a straight
1091 * association level list that we must use to find a source address.
1093 struct sctp_laddr *laddr, *starting_point;
1094 struct sockaddr_in6 *sin6;
1095 int sin_loop, sin_local;
1096 int start_at_beginning = 0;
1103 if (sctp_is_feature_on(inp, SCTP_PCB_FLAGS_DO_ASCONF)) {
1105 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
1106 printf("Have a STCB - asconf allowed, not bound all have a netgative list\n");
1110 * first question, is the ifn we will emit on in our list,
1111 * if so, we want that one.
1114 TAILQ_FOREACH(ifa, &ifn->if_addrlist, ifa_list) {
1115 if (sctp_is_addr_in_ep(inp, ifa)) {
1116 sin6 = sctp_is_v6_ifa_addr_acceptable(ifa, loopscope, loc_scope, &sin_loop, &sin_local);
1119 if ((non_asoc_addr_ok == 0) &&
1120 (sctp_is_addr_restricted(stcb, (struct sockaddr *)sin6))) {
1121 /* on the no-no list */
1128 starting_point = stcb->asoc.last_used_address;
1129 /* First try for matching scope */
1131 if (stcb->asoc.last_used_address == NULL) {
1132 start_at_beginning = 1;
1133 stcb->asoc.last_used_address = LIST_FIRST(&inp->sctp_addr_list);
1135 /* search beginning with the last used address */
1136 for (laddr = stcb->asoc.last_used_address; laddr;
1137 laddr = LIST_NEXT(laddr, sctp_nxt_addr)) {
1138 if (laddr->ifa == NULL) {
1139 /* address has been removed */
1142 sin6 = sctp_is_v6_ifa_addr_acceptable(laddr->ifa, loopscope, loc_scope, &sin_loop, &sin_local);
1145 if ((non_asoc_addr_ok == 0) && (sctp_is_addr_restricted(stcb, (struct sockaddr *)sin6))) {
1146 /* on the no-no list */
1149 /* is it of matching scope ? */
1150 if ((loopscope == 0) &&
1154 /* all of global scope we are ok with it */
1157 if (loopscope && sin_loop)
1158 /* both on the loopback, thats ok */
1160 if (loc_scope && sin_local)
1161 /* both local scope */
1165 if (start_at_beginning == 0) {
1166 stcb->asoc.last_used_address = NULL;
1167 goto sctp_from_the_top;
1169 /* now try for any higher scope than the destination */
1170 stcb->asoc.last_used_address = starting_point;
1171 start_at_beginning = 0;
1173 if (stcb->asoc.last_used_address == NULL) {
1174 start_at_beginning = 1;
1175 stcb->asoc.last_used_address = LIST_FIRST(&inp->sctp_addr_list);
1177 /* search beginning with the last used address */
1178 for (laddr = stcb->asoc.last_used_address; laddr;
1179 laddr = LIST_NEXT(laddr, sctp_nxt_addr)) {
1180 if (laddr->ifa == NULL) {
1181 /* address has been removed */
1184 sin6 = sctp_is_v6_ifa_addr_acceptable(laddr->ifa, loopscope, loc_scope, &sin_loop, &sin_local);
1187 if ((non_asoc_addr_ok == 0) && (sctp_is_addr_restricted(stcb, (struct sockaddr *)sin6))) {
1188 /* on the no-no list */
1193 if (start_at_beginning == 0) {
1194 stcb->asoc.last_used_address = NULL;
1195 goto sctp_from_the_top2;
1199 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
1200 printf("Have a STCB - no asconf allowed, not bound all have a postive list\n");
1203 /* First try for interface output match */
1204 LIST_FOREACH(laddr, &stcb->asoc.sctp_local_addr_list,
1206 if (laddr->ifa == NULL) {
1207 /* address has been removed */
1210 sin6 = sctp_is_v6_ifa_addr_acceptable(laddr->ifa, loopscope, loc_scope, &sin_loop, &sin_local);
1214 * first question, is laddr->ifa an address
1215 * associated with the emit interface
1218 TAILQ_FOREACH(ifa, &ifn->if_addrlist, ifa_list) {
1219 if (laddr->ifa == ifa) {
1220 sin6 = (struct sockaddr_in6 *)laddr->ifa->ifa_addr;
1223 if (sctp_cmpaddr(ifa->ifa_addr, laddr->ifa->ifa_addr) == 1) {
1224 sin6 = (struct sockaddr_in6 *)laddr->ifa->ifa_addr;
1230 /* Next try for matching scope */
1231 LIST_FOREACH(laddr, &stcb->asoc.sctp_local_addr_list,
1233 if (laddr->ifa == NULL) {
1234 /* address has been removed */
1237 sin6 = sctp_is_v6_ifa_addr_acceptable(laddr->ifa, loopscope, loc_scope, &sin_loop, &sin_local);
1241 if ((loopscope == 0) &&
1245 /* all of global scope we are ok with it */
1248 if (loopscope && sin_loop)
1249 /* both on the loopback, thats ok */
1251 if (loc_scope && sin_local)
1252 /* both local scope */
1255 /* ok, now try for a higher scope in the source address */
1256 /* First try for matching scope */
1257 LIST_FOREACH(laddr, &stcb->asoc.sctp_local_addr_list,
1259 if (laddr->ifa == NULL) {
1260 /* address has been removed */
1263 sin6 = sctp_is_v6_ifa_addr_acceptable(laddr->ifa, loopscope, loc_scope, &sin_loop, &sin_local);
1274 static struct sockaddr_in6 *
1275 sctp_choose_v6_boundspecific_inp(struct sctp_inpcb *inp,
1281 * Here we are bound specific and have only an inp. We must find an
1282 * address that is bound that we can give out as a src address. We
1283 * prefer two addresses of same scope if we can find them that way.
1285 struct sctp_laddr *laddr;
1286 struct sockaddr_in6 *sin6;
1289 int sin_loop, sin_local;
1293 * first question, is the ifn we will emit on in our list, if so, we
1300 TAILQ_FOREACH(ifa, &ifn->if_addrlist, ifa_list) {
1301 sin6 = sctp_is_v6_ifa_addr_acceptable(ifa, loopscope, loc_scope, &sin_loop, &sin_local);
1304 if (sctp_is_addr_in_ep(inp, ifa)) {
1309 for (laddr = LIST_FIRST(&inp->sctp_addr_list);
1310 laddr && (laddr != inp->next_addr_touse);
1311 laddr = LIST_NEXT(laddr, sctp_nxt_addr)) {
1312 if (laddr->ifa == NULL) {
1313 /* address has been removed */
1316 sin6 = sctp_is_v6_ifa_addr_acceptable(laddr->ifa, loopscope, loc_scope, &sin_loop, &sin_local);
1320 if ((loopscope == 0) &&
1324 /* all of global scope we are ok with it */
1327 if (loopscope && sin_loop)
1328 /* both on the loopback, thats ok */
1330 if (loc_scope && sin_local)
1331 /* both local scope */
1336 * if we reach here, we could not find two addresses of the same
1337 * scope to give out. Lets look for any higher level scope for a
1340 for (laddr = LIST_FIRST(&inp->sctp_addr_list);
1341 laddr && (laddr != inp->next_addr_touse);
1342 laddr = LIST_NEXT(laddr, sctp_nxt_addr)) {
1343 if (laddr->ifa == NULL) {
1344 /* address has been removed */
1347 sin6 = sctp_is_v6_ifa_addr_acceptable(laddr->ifa, loopscope, loc_scope, &sin_loop, &sin_local);
1352 /* no address bound can be a source for the destination */
1354 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
1355 printf("Src address selection for EP, no acceptable src address found for address\n");
1364 static struct sockaddr_in6 *
1365 sctp_select_v6_nth_addr_from_ifn_boundall(struct ifnet *ifn, struct sctp_tcb *stcb, int non_asoc_addr_ok, uint8_t loopscope,
1366 uint8_t loc_scope, int cur_addr_num, int match_scope)
1369 struct sockaddr_in6 *sin6;
1370 int sin_loop, sin_local;
1371 int num_eligible_addr = 0;
1373 TAILQ_FOREACH(ifa, &ifn->if_addrlist, ifa_list) {
1374 sin6 = sctp_is_v6_ifa_addr_acceptable(ifa, loopscope, loc_scope, &sin_loop, &sin_local);
1378 if ((non_asoc_addr_ok == 0) && sctp_is_addr_restricted(stcb, (struct sockaddr *)sin6)) {
1380 * It is restricted for some reason..
1381 * probably not yet added.
1387 /* Here we are asked to match scope if possible */
1388 if (loopscope && sin_loop)
1389 /* src and destination are loopback scope */
1391 if (loc_scope && sin_local)
1392 /* src and destination are local scope */
1394 if ((loopscope == 0) &&
1398 /* src and destination are global scope */
1403 if (num_eligible_addr == cur_addr_num) {
1407 num_eligible_addr++;
1414 sctp_count_v6_num_eligible_boundall(struct ifnet *ifn, struct sctp_tcb *stcb,
1415 int non_asoc_addr_ok, uint8_t loopscope, uint8_t loc_scope)
1418 struct sockaddr_in6 *sin6;
1419 int num_eligible_addr = 0;
1420 int sin_loop, sin_local;
1422 TAILQ_FOREACH(ifa, &ifn->if_addrlist, ifa_list) {
1423 sin6 = sctp_is_v6_ifa_addr_acceptable(ifa, loopscope, loc_scope, &sin_loop, &sin_local);
1427 if ((non_asoc_addr_ok == 0) && sctp_is_addr_restricted(stcb, (struct sockaddr *)sin6)) {
1429 * It is restricted for some reason..
1430 * probably not yet added.
1435 num_eligible_addr++;
1437 return (num_eligible_addr);
1441 static struct sockaddr_in6 *
1442 sctp_choose_v6_boundall(struct sctp_inpcb *inp,
1443 struct sctp_tcb *stcb,
1444 struct sctp_nets *net,
1448 int non_asoc_addr_ok)
1451 * Ok, we are bound all SO any address is ok to use as long as it is
1452 * NOT in the negative list.
1454 int num_eligible_addr;
1455 int cur_addr_num = 0;
1456 int started_at_beginning = 0;
1457 int match_scope_prefered;
1460 * first question is, how many eligible addresses are there for the
1461 * destination ifn that we are using that are within the proper
1465 struct sockaddr_in6 *sin6;
1471 cur_addr_num = net->indx_of_eligible_next_to_use;
1473 if (cur_addr_num == 0) {
1474 match_scope_prefered = 1;
1476 match_scope_prefered = 0;
1478 num_eligible_addr = sctp_count_v6_num_eligible_boundall(ifn, stcb, non_asoc_addr_ok, loopscope, loc_scope);
1480 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
1481 printf("Found %d eligible source addresses\n", num_eligible_addr);
1484 if (num_eligible_addr == 0) {
1486 * no eligible addresses, we must use some other interface
1487 * address if we can find one.
1489 goto bound_all_v6_plan_b;
1492 * Ok we have num_eligible_addr set with how many we can use, this
1493 * may vary from call to call due to addresses being deprecated
1496 if (cur_addr_num >= num_eligible_addr) {
1500 * select the nth address from the list (where cur_addr_num is the
1501 * nth) and 0 is the first one, 1 is the second one etc...
1504 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
1505 printf("cur_addr_num:%d match_scope_prefered:%d select it\n",
1506 cur_addr_num, match_scope_prefered);
1509 sin6 = sctp_select_v6_nth_addr_from_ifn_boundall(ifn, stcb, non_asoc_addr_ok, loopscope,
1510 loc_scope, cur_addr_num, match_scope_prefered);
1511 if (match_scope_prefered && (sin6 == NULL)) {
1512 /* retry without the preference for matching scope */
1514 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
1515 printf("retry with no match_scope_prefered\n");
1518 sin6 = sctp_select_v6_nth_addr_from_ifn_boundall(ifn, stcb, non_asoc_addr_ok, loopscope,
1519 loc_scope, cur_addr_num, 0);
1523 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
1524 printf("Selected address %d ifn:%p for the route\n", cur_addr_num, ifn);
1528 /* store so we get the next one */
1529 if (cur_addr_num < 255)
1530 net->indx_of_eligible_next_to_use = cur_addr_num + 1;
1532 net->indx_of_eligible_next_to_use = 0;
1536 num_eligible_addr = 0;
1537 bound_all_v6_plan_b:
1539 * ok, if we reach here we either fell through due to something
1540 * changing during an interupt (unlikely) or we have NO eligible
1541 * source addresses for the ifn of the route (most likely). We must
1542 * look at all the other interfaces EXCEPT rt->rt_ifp and do the
1545 if (inp->next_ifn_touse == NULL) {
1546 started_at_beginning = 1;
1547 inp->next_ifn_touse = TAILQ_FIRST(&ifnet);
1549 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
1550 printf("Start at first IFN:%p\n", inp->next_ifn_touse);
1554 inp->next_ifn_touse = TAILQ_NEXT(inp->next_ifn_touse, if_list);
1556 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
1557 printf("Resume at IFN:%p\n", inp->next_ifn_touse);
1560 if (inp->next_ifn_touse == NULL) {
1562 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
1563 printf("IFN Resets\n");
1566 started_at_beginning = 1;
1567 inp->next_ifn_touse = TAILQ_FIRST(&ifnet);
1570 for (ifn = inp->next_ifn_touse; ifn;
1571 ifn = TAILQ_NEXT(ifn, if_list)) {
1572 if (loopscope == 0 && ifn->if_type == IFT_LOOP) {
1573 /* wrong base scope */
1576 if (loc_scope && (ifn->if_index != loc_scope)) {
1578 * by definition the scope (from to->sin6_scopeid)
1579 * must match that of the interface. If not then we
1580 * could pick a wrong scope for the address.
1581 * Ususally we don't hit plan-b since the route
1582 * handles this. However we can hit plan-b when we
1583 * send to local-host so the route is the loopback
1584 * interface, but the destination is a link local.
1588 if (ifn == rt->rt_ifp) {
1589 /* already looked at this guy */
1593 * Address rotation will only work when we are not rotating
1594 * sourced interfaces and are using the interface of the
1595 * route. We would need to have a per interface index in
1596 * order to do proper rotation.
1598 num_eligible_addr = sctp_count_v6_num_eligible_boundall(ifn, stcb, non_asoc_addr_ok, loopscope, loc_scope);
1600 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
1601 printf("IFN:%p has %d eligible\n", ifn, num_eligible_addr);
1604 if (num_eligible_addr == 0) {
1605 /* none we can use */
1609 * Ok we have num_eligible_addr set with how many we can
1610 * use, this may vary from call to call due to addresses
1611 * being deprecated etc..
1613 inp->next_ifn_touse = ifn;
1616 * select the first one we can find with perference for
1619 sin6 = sctp_select_v6_nth_addr_from_ifn_boundall(ifn, stcb, non_asoc_addr_ok, loopscope, loc_scope, 0, 1);
1622 * can't find one with matching scope how about a
1623 * source with higher scope
1625 sin6 = sctp_select_v6_nth_addr_from_ifn_boundall(ifn, stcb, non_asoc_addr_ok, loopscope, loc_scope, 0, 0);
1627 /* Hmm, can't find one in the interface now */
1631 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
1632 printf("Selected the %d'th address of ifn:%p\n",
1639 if (started_at_beginning == 0) {
1641 * we have not been through all of them yet, force us to go
1645 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
1646 printf("Force a recycle\n");
1649 inp->next_ifn_touse = NULL;
1650 goto bound_all_v6_plan_b;
1658 /* stcb and net may be NULL */
1660 sctp_ipv6_source_address_selection(struct sctp_inpcb *inp,
1661 struct sctp_tcb *stcb, struct route *ro, struct sctp_nets *net,
1662 int non_asoc_addr_ok)
1664 struct in6_addr ans;
1665 struct sockaddr_in6 *rt_addr;
1666 uint8_t loc_scope, loopscope;
1667 struct sockaddr_in6 *to = (struct sockaddr_in6 *)&ro->ro_dst;
1670 * This routine is tricky standard v6 src address selection cannot
1671 * take into account what we have bound etc, so we can't use it.
1673 * Instead here is what we must do: 1) Make sure we have a route, if we
1674 * don't have a route we can never reach the peer. 2) Once we have a
1675 * route, determine the scope of the route. Link local, loopback or
1676 * global. 3) Next we divide into three types. Either we are bound
1677 * all.. which means we want to use one of the addresses of the
1678 * interface we are going out. <or> 4a) We have not stcb, which
1679 * means we are using the specific addresses bound on an inp, in
1680 * this case we are similar to the stcb case (4b below) accept the
1681 * list is always a positive list.<or> 4b) We are bound specific
1682 * with a stcb, which means we have a list of bound addresses and we
1683 * must see if the ifn of the route is actually one of the bound
1684 * addresses. If not, then we must rotate addresses amongst properly
1685 * scoped bound addresses, if so we use the address of the
1686 * interface. 5) Always, no matter which path we take through the
1687 * above we must be sure the source address we use is allowed to be
1688 * used. I.e. IN6_IFF_DETACHED, IN6_IFF_NOTREADY, and
1689 * IN6_IFF_ANYCAST addresses cannot be used. 6) Addresses that are
1690 * deprecated MAY be used if (!ip6_use_deprecated) { if
1691 * (IFA6_IS_DEPRECATED(ifa6)) { skip the address } }
1694 /*** 1> determine route, if not already done */
1695 if (ro->ro_rt == NULL) {
1697 * Need a route to cache.
1701 scope_save = to->sin6_scope_id;
1702 to->sin6_scope_id = 0;
1704 rtalloc_ign(ro, 0UL);
1705 to->sin6_scope_id = scope_save;
1707 if (ro->ro_rt == NULL) {
1709 * no route to host. this packet is going no-where. We
1710 * probably should make sure we arrange to send back an
1714 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
1715 printf("No route to host, this packet cannot be sent!\n");
1718 memset(&ans, 0, sizeof(ans));
1721 /*** 2a> determine scope for outbound address/route */
1722 loc_scope = loopscope = 0;
1724 * We base our scope on the outbound packet scope and route, NOT the
1725 * TCB (if there is one). This way in local scope we will only use a
1726 * local scope src address when we send to a local address.
1729 if (IN6_IS_ADDR_LOOPBACK(&to->sin6_addr)) {
1731 * If the route goes to the loopback address OR the address
1732 * is a loopback address, we are loopback scope.
1737 /* mark it as local */
1738 net->addr_is_local = 1;
1740 } else if (IN6_IS_ADDR_LINKLOCAL(&to->sin6_addr)) {
1741 if (to->sin6_scope_id)
1742 loc_scope = to->sin6_scope_id;
1749 * now, depending on which way we are bound we call the appropriate
1750 * routine to do steps 3-6
1753 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
1754 printf("Destination address:");
1755 sctp_print_address((struct sockaddr *)to);
1759 if (inp->sctp_flags & SCTP_PCB_FLAGS_BOUNDALL) {
1760 rt_addr = sctp_choose_v6_boundall(inp, stcb, net, ro, loc_scope, loopscope, non_asoc_addr_ok);
1763 rt_addr = sctp_choose_v6_boundspecific_stcb(inp, stcb, net, ro, loc_scope, loopscope, non_asoc_addr_ok);
1766 * we can't have a non-asoc address since we have no
1769 rt_addr = sctp_choose_v6_boundspecific_inp(inp, ro, loc_scope, loopscope);
1771 if (rt_addr == NULL) {
1772 /* no suitable address? */
1773 struct in6_addr in6;
1776 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
1777 printf("V6 packet will reach dead-end no suitable src address\n");
1780 memset(&in6, 0, sizeof(in6));
1784 if (sctp_debug_on & SCTP_DEBUG_OUTPUT1) {
1785 printf("Source address selected is:");
1786 sctp_print_address((struct sockaddr *)rt_addr);
1789 return (rt_addr->sin6_addr);
1795 sctp_is_address_in_scope(struct ifaddr *ifa,
1796 int ipv4_addr_legal,
1797 int ipv6_addr_legal,
1799 int ipv4_local_scope,
1803 if ((loopback_scope == 0) &&
1805 (ifa->ifa_ifp->if_type == IFT_LOOP)) {
1807 * skip loopback if not in scope *
1811 if ((ifa->ifa_addr->sa_family == AF_INET) && ipv4_addr_legal) {
1812 struct sockaddr_in *sin;
1814 sin = (struct sockaddr_in *)ifa->ifa_addr;
1815 if (sin->sin_addr.s_addr == 0) {
1816 /* not in scope , unspecified */
1819 if ((ipv4_local_scope == 0) &&
1820 (IN4_ISPRIVATE_ADDRESS(&sin->sin_addr))) {
1821 /* private address not in scope */
1824 } else if ((ifa->ifa_addr->sa_family == AF_INET6) && ipv6_addr_legal) {
1825 struct sockaddr_in6 *sin6;
1826 struct in6_ifaddr *ifa6;
1828 ifa6 = (struct in6_ifaddr *)ifa;
1829 /* ok to use deprecated addresses? */
1830 if (!ip6_use_deprecated) {
1831 if (ifa6->ia6_flags &
1832 IN6_IFF_DEPRECATED) {
1836 if (ifa6->ia6_flags &
1839 IN6_IFF_NOTREADY)) {
1842 sin6 = (struct sockaddr_in6 *)ifa->ifa_addr;
1843 if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) {
1844 /* skip unspecifed addresses */
1847 if ( /* (local_scope == 0) && */
1848 (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr))) {
1851 if ((site_scope == 0) &&
1852 (IN6_IS_ADDR_SITELOCAL(&sin6->sin6_addr))) {
1861 static struct mbuf *
1862 sctp_add_addr_to_mbuf(struct mbuf *m, struct ifaddr *ifa)
1864 struct sctp_paramhdr *parmh;
1868 if (ifa->ifa_addr->sa_family == AF_INET) {
1869 len = sizeof(struct sctp_ipv4addr_param);
1870 } else if (ifa->ifa_addr->sa_family == AF_INET6) {
1871 len = sizeof(struct sctp_ipv6addr_param);
1877 if (M_TRAILINGSPACE(m) >= len) {
1878 /* easy side we just drop it on the end */
1879 parmh = (struct sctp_paramhdr *)(m->m_data + m->m_len);
1882 /* Need more space */
1884 while (mret->m_next != NULL) {
1885 mret = mret->m_next;
1887 mret->m_next = sctp_get_mbuf_for_msg(len, 0, M_DONTWAIT, 1, MT_DATA);
1888 if (mret->m_next == NULL) {
1889 /* We are hosed, can't add more addresses */
1892 mret = mret->m_next;
1893 parmh = mtod(mret, struct sctp_paramhdr *);
1895 /* now add the parameter */
1896 if (ifa->ifa_addr->sa_family == AF_INET) {
1897 struct sctp_ipv4addr_param *ipv4p;
1898 struct sockaddr_in *sin;
1900 sin = (struct sockaddr_in *)ifa->ifa_addr;
1901 ipv4p = (struct sctp_ipv4addr_param *)parmh;
1902 parmh->param_type = htons(SCTP_IPV4_ADDRESS);
1903 parmh->param_length = htons(len);
1904 ipv4p->addr = sin->sin_addr.s_addr;
1906 } else if (ifa->ifa_addr->sa_family == AF_INET6) {
1907 struct sctp_ipv6addr_param *ipv6p;
1908 struct sockaddr_in6 *sin6;
1910 sin6 = (struct sockaddr_in6 *)ifa->ifa_addr;
1911 ipv6p = (struct sctp_ipv6addr_param *)parmh;
1912 parmh->param_type = htons(SCTP_IPV6_ADDRESS);
1913 parmh->param_length = htons(len);
1914 memcpy(ipv6p->addr, &sin6->sin6_addr,
1915 sizeof(ipv6p->addr));
1916 /* clear embedded scope in the address */
1917 in6_clearscope((struct in6_addr *)ipv6p->addr);
1927 sctp_add_addresses_to_i_ia(struct sctp_inpcb *inp, struct sctp_scoping *scope, struct mbuf *m_at, int cnt_inits_to)
1931 if (inp->sctp_flags & SCTP_PCB_FLAGS_BOUNDALL) {
1936 TAILQ_FOREACH(ifn, &ifnet, if_list) {
1937 if ((scope->loopback_scope == 0) &&
1938 (ifn->if_type == IFT_LOOP)) {
1940 * Skip loopback devices if loopback_scope
1945 TAILQ_FOREACH(ifa, &ifn->if_addrlist, ifa_list) {
1946 if (sctp_is_address_in_scope(ifa,
1947 scope->ipv4_addr_legal,
1948 scope->ipv6_addr_legal,
1949 scope->loopback_scope,
1950 scope->ipv4_local_scope,
1952 scope->site_scope) == 0) {
1959 TAILQ_FOREACH(ifn, &ifnet, if_list) {
1960 if ((scope->loopback_scope == 0) &&
1961 (ifn->if_type == IFT_LOOP)) {
1963 * Skip loopback devices if
1964 * loopback_scope not set
1968 TAILQ_FOREACH(ifa, &ifn->if_addrlist, ifa_list) {
1969 if (sctp_is_address_in_scope(ifa,
1970 scope->ipv4_addr_legal,
1971 scope->ipv6_addr_legal,
1972 scope->loopback_scope,
1973 scope->ipv4_local_scope,
1975 scope->site_scope) == 0) {
1978 m_at = sctp_add_addr_to_mbuf(m_at, ifa);
1983 struct sctp_laddr *laddr;
1987 /* First, how many ? */
1988 LIST_FOREACH(laddr, &inp->sctp_addr_list, sctp_nxt_addr) {
1989 if (laddr->ifa == NULL) {
1992 if (laddr->ifa->ifa_addr == NULL)
1994 if (sctp_is_address_in_scope(laddr->ifa,
1995 scope->ipv4_addr_legal,
1996 scope->ipv6_addr_legal,
1997 scope->loopback_scope,
1998 scope->ipv4_local_scope,
2000 scope->site_scope) == 0) {
2006 * To get through a NAT we only list addresses if we have
2007 * more than one. That way if you just bind a single address
2008 * we let the source of the init dictate our address.
2011 LIST_FOREACH(laddr, &inp->sctp_addr_list, sctp_nxt_addr) {
2012 if (laddr->ifa == NULL) {
2015 if (laddr->ifa->ifa_addr == NULL) {
2018 if (sctp_is_address_in_scope(laddr->ifa,
2019 scope->ipv4_addr_legal,
2020 scope->ipv6_addr_legal,
2021 scope->loopback_scope,
2022 scope->ipv4_local_scope,
2024 scope->site_scope) == 0) {
2027 m_at = sctp_add_addr_to_mbuf(m_at, laddr->ifa);